Static task: static1
Behavioral task: behavioral1
  Sample: 2cb25f539bca376c5a509be31ccd8823_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2cb25f539bca376c5a509be31ccd8823_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 2cb25f539bca376c5a509be31ccd8823_JaffaCakes118
Size: 107KB
MD5: 2cb25f539bca376c5a509be31ccd8823
SHA1: 307a7cbd788e8a36534abbd9240e9b87414879ef
SHA256: 978bad0ebf9ca0c38f352ad71a0ab41a481b32108f7e399042414d0b3cd039ab
SHA512: 7e97d5192c64b934acc51c44c602600c00bed49546983a98420beb55a6a4ba2cbc92e82c755cd7e06c4b615596edcaf0e8ce1c84c8c7b8f9b7530d5c27e86ab2
SSDEEP: 1536:QdxZ34+OxW0p0Dt+/cZjsiWRDdyDdpiSGsv1GEs/QMP/HQ62O3n6VvzC6JK+2tGp:+x1LVDt+QzWzyDfc1/3v2JKBtG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2cb25f539bca376c5a509be31ccd8823_JaffaCakes118
Files
2cb25f539bca376c5a509be31ccd8823_JaffaCakes118.exe windows:4 windows x86 arch:x86
6d16914c6d56c575d0fd7859af74cff3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetModuleHandleA
  GlobalFindAtomA
  GetSystemTime
  lstrlenW
  QueryPerformanceCounter
  lstrcmpiA
  lstrcmpA
  CopyFileA
  lstrlenA
  lstrcmpiW
  RemoveDirectoryW
  FindClose
  DeleteFileA
  GetCommandLineA
  GetWindowsDirectoryA
  RemoveDirectoryA
  VirtualAlloc
  VirtualFree
user32
  GetParent
  CharNextA
  GetSystemMetrics
  GetDesktopWindow
  GetDC
  TranslateMessage
gdi32
  GetTextMetricsA
  RectVisible
  SelectPalette
  CreateCompatibleDC
  LineTo
  SetTextAlign
  GetStockObject
  CreatePalette
  DeleteObject
  GetClipBox
  SetStretchBltMode
  SetMapMode
  CreateSolidBrush
  SelectObject
  SaveDC
  CreateFontIndirectA
  GetDeviceCaps
  DeleteDC
glu32
  gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 26KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ